[Zope3-dev] Permission granularity/permission groups
Jim Fulton
jim at zope.com
Thu Feb 10 07:09:01 EST 2005
Chris Withers wrote:
> Hi Jim,
>
> I think this is related to this thread, but I don't have enough detail
> to knoiw at what level.
>
> One thing I'm really keen to see change is a problem I often bump into
> in Zope 2, CMF in particular.
>
> A product author says a method/attribute should be protected by
> "Permission X", but also decides that 3 or 4 other methods should be
> protected by that permission.
>
> I want to only grant access to the first method to a role, but not the
> other 3 methods.
>
> In Zope 2, all I can do is go in and patch the product code, which means
> I have to maintain a patched version of the component I want to use.
>
> Does Zope 3 offer a way to override the component author's security
> declarations without patching the component itself?
Of course. You simply provide your own declarations for the class
in question, typically in (or in a file included by) your
overrides.zcml.
> Is that related to anything Garret was asking about?
Yup.
Jim
--
Jim Fulton mailto:jim at zope.com Python Powered!
CTO (540) 361-1714 http://www.python.org
Zope Corporation http://www.zope.com http://www.zope.org
More information about the Zope3-dev
mailing list